Il 19/05/2013 06:52, Jun Nakajima ha scritto:
> From: Nadav Har'El <nyh@xxxxxxxxxx>
>
> Advertise the support of EPT to the L1 guest, through the appropriate MSR.
>
> This is the last patch of the basic Nested EPT feature, so as to allow
> bisection through this patch series: The guest will not see EPT support until
> this last patch, and will not attempt to use the half-applied feature.
>
> Signed-off-by: Nadav Har'El <nyh@xxxxxxxxxx>
> Signed-off-by: Jun Nakajima <jun.nakajima@xxxxxxxxx>
> Signed-off-by: Xinhao Xu <xinhao.xu@xxxxxxxxx>
> ---
> arch/x86/include/asm/vmx.h | 2 ++
> arch/x86/kvm/vmx.c | 17 +++++++++++++++--
> 2 files changed, 17 insertions(+), 2 deletions(-)
This patch is ok, but it must be placed after patch 10 ("nEPT: Nested
INVEPT").
Paolo
> diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
> index f3e01a2..4aec45d 100644
> --- a/arch/x86/include/asm/vmx.h
> +++ b/arch/x86/include/asm/vmx.h
> @@ -394,7 +394,9 @@ enum vmcs_field {
> #define VMX_EPTP_WB_BIT (1ull << 14)
> #define VMX_EPT_2MB_PAGE_BIT (1ull << 16)
> #define VMX_EPT_1GB_PAGE_BIT (1ull << 17)
> +#define VMX_EPT_INVEPT_BIT (1ull << 20)
> #define VMX_EPT_AD_BIT (1ull << 21)
> +#define VMX_EPT_EXTENT_INDIVIDUAL_BIT (1ull << 24)
> #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25)
> #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 4661a22..1cf8a41 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high;
> static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high;
> static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high;
> static u32 nested_vmx_misc_low, nested_vmx_misc_high;
> +static u32 nested_vmx_ept_caps;
> static __init void nested_vmx_setup_ctls_msrs(void)
> {
> /*
> @@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void)
> SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
> SECONDARY_EXEC_WBINVD_EXITING;
>
> + if (enable_ept) {
> + /* nested EPT: emulate EPT also to L1 */
> + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT;
> + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT;
> + nested_vmx_ept_caps |=
> + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT |
> + VMX_EPT_EXTENT_CONTEXT_BIT |
> + VMX_EPT_EXTENT_INDIVIDUAL_BIT;
> + nested_vmx_ept_caps &= vmx_capability.ept;
> + } else
> + nested_vmx_ept_caps = 0;
> +
> /* miscellaneous data */
> rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high);
> nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK |
> @@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
> nested_vmx_secondary_ctls_high);
> break;
> case MSR_IA32_VMX_EPT_VPID_CAP:
> - /* Currently, no nested ept or nested vpid */
> - *pdata = 0;
> + /* Currently, no nested vpid support */
> + *pdata = nested_vmx_ept_caps;
> break;
> default:
> return 0;
>
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
